From 54f452dc443a2eddfed7c0a9ceb8e870b128dee6 Mon Sep 17 00:00:00 2001 From: mdtro <20070360+mdtro@users.noreply.github.com> Date: Wed, 17 Jul 2024 15:33:14 -0700 Subject: [PATCH 01/14] ci: set permissions and use github token --- .github/workflows/linting.yml | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml index 1f8b2b906..8a5e3509b 100644 --- a/.github/workflows/linting.yml +++ b/.github/workflows/linting.yml @@ -10,14 +10,12 @@ concurrency: jobs: build: runs-on: ubuntu-latest + permissions: + pull-requests: write + contents: write + steps: - uses: actions/checkout@v3 - - name: Get auth token - id: token - uses: getsentry/action-github-app-token@v2.0.0 - with: - app_id: ${{ secrets.SENTRY_INTERNAL_APP_ID }} - private_key: ${{ secrets.SENTRY_INTERNAL_APP_PRIVATE_KEY }} - name: Get changed files id: changes uses: dorny/paths-filter@0bc4621a3135347011ad047f9ecf449bf72ce2bd # v3.0.0 @@ -35,6 +33,7 @@ jobs: cache-dependency-path: | requirements.txt install-cmd: pip install -r requirements-precommit.txt + - name: Setup pre-commit run: | pre-commit install @@ -49,5 +48,5 @@ jobs: # note: this runs "always" or else it's skipped when pre-commit fails uses: getsentry/action-github-commit@31f6706ca1a7b9ad6d22c1b07bf3a92eabb05632 # v2.0.0 with: - github-token: ${{ steps.token.outputs.token }} + github-token: ${{secrets.GITHUB_TOKEN}} message: ':hammer_and_wrench: apply pre-commit fixes' From 6c4f4dabb5e805b1a39b58b3f0d43e9c31850cc0 Mon Sep 17 00:00:00 2001 From: mdtro <20070360+mdtro@users.noreply.github.com> Date: Wed, 17 Jul 2024 15:35:45 -0700 Subject: [PATCH 02/14] test pre-commit isort --- src/seer/app.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/seer/app.py b/src/seer/app.py index 58527ff45..6a30517a3 100644 --- a/src/seer/app.py +++ b/src/seer/app.py @@ -1,5 +1,5 @@ -import logging import time +import logging import sentry_sdk from flask import Flask, jsonify From 5a416cd0f90dfbcc26a6dd2afad05fb2f219670a Mon Sep 17 00:00:00 2001 From: mdtro <20070360+mdtro@users.noreply.github.com> Date: Wed, 17 Jul 2024 15:43:37 -0700 Subject: [PATCH 03/14] ci: only commit on pre-commit failure --- .github/workflows/linting.yml | 2 ++ src/seer/app.py | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml index 8a5e3509b..4af496d16 100644 --- a/.github/workflows/linting.yml +++ b/.github/workflows/linting.yml @@ -39,12 +39,14 @@ jobs: pre-commit install - name: Run pre-commit on PR commits + id: pre-commit_results run: | jq '.[]' --raw-output <<< '${{steps.changes.outputs.all_files}}' | # Run pre-commit to lint and format check files that were changed (but not deleted) compared to master. xargs pre-commit run --files - name: Apply any pre-commit fixed files + if: ${{ steps.pre-commit_results.outcome == 'failure' }} # note: this runs "always" or else it's skipped when pre-commit fails uses: getsentry/action-github-commit@31f6706ca1a7b9ad6d22c1b07bf3a92eabb05632 # v2.0.0 with: diff --git a/src/seer/app.py b/src/seer/app.py index 6a30517a3..58527ff45 100644 --- a/src/seer/app.py +++ b/src/seer/app.py @@ -1,5 +1,5 @@ -import time import logging +import time import sentry_sdk from flask import Flask, jsonify From 0385d9f345abb4c782ac95231b631d54f9c96f18 Mon Sep 17 00:00:00 2001 From: mdtro <20070360+mdtro@users.noreply.github.com> Date: Wed, 17 Jul 2024 15:46:22 -0700 Subject: [PATCH 04/14] ci: only commit on pre-commit failure --- .github/workflows/linting.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml index 4af496d16..df2b9202e 100644 --- a/.github/workflows/linting.yml +++ b/.github/workflows/linting.yml @@ -40,6 +40,7 @@ jobs: - name: Run pre-commit on PR commits id: pre-commit_results + continue-on-error: true run: | jq '.[]' --raw-output <<< '${{steps.changes.outputs.all_files}}' | # Run pre-commit to lint and format check files that were changed (but not deleted) compared to master. From 1ff760896f19117e2093765db955e0bb30fc4059 Mon Sep 17 00:00:00 2001 From: mdtro <20070360+mdtro@users.noreply.github.com> Date: Wed, 17 Jul 2024 15:47:24 -0700 Subject: [PATCH 05/14] test isort --- src/seer/app.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/seer/app.py b/src/seer/app.py index 58527ff45..6a30517a3 100644 --- a/src/seer/app.py +++ b/src/seer/app.py @@ -1,5 +1,5 @@ -import logging import time +import logging import sentry_sdk from flask import Flask, jsonify From b19d39d49d120c7469aab65c3d7718c20db1e532 Mon Sep 17 00:00:00 2001 From: mdtro <20070360+mdtro@users.noreply.github.com> Date: Wed, 17 Jul 2024 15:50:14 -0700 Subject: [PATCH 06/14] statuses write? --- .github/workflows/linting.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml index df2b9202e..899aee513 100644 --- a/.github/workflows/linting.yml +++ b/.github/workflows/linting.yml @@ -13,6 +13,7 @@ jobs: permissions: pull-requests: write contents: write + statuses: write steps: - uses: actions/checkout@v3 From 7516cb46f2a6521b00b6ed450d17fa9c8e1f9a5d Mon Sep 17 00:00:00 2001 From: mdtro <20070360+mdtro@users.noreply.github.com> Date: Wed, 17 Jul 2024 15:54:52 -0700 Subject: [PATCH 07/14] use app --- .github/workflows/linting.yml | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml index 899aee513..e6c712dde 100644 --- a/.github/workflows/linting.yml +++ b/.github/workflows/linting.yml @@ -10,11 +10,6 @@ concurrency: jobs: build: runs-on: ubuntu-latest - permissions: - pull-requests: write - contents: write - statuses: write - steps: - uses: actions/checkout@v3 - name: Get changed files @@ -47,6 +42,14 @@ jobs: # Run pre-commit to lint and format check files that were changed (but not deleted) compared to master. xargs pre-commit run --files + - name: Get auth token + id: token + if: ${{ steps.pre-commit_results.outcome == 'failure' }} + uses: getsentry/action-github-app-token@v2.0.0 + with: + app_id: ${{ secrets.SENTRY_INTERNAL_APP_ID }} + private_key: ${{ secrets.SENTRY_INTERNAL_APP_PRIVATE_KEY }} + - name: Apply any pre-commit fixed files if: ${{ steps.pre-commit_results.outcome == 'failure' }} # note: this runs "always" or else it's skipped when pre-commit fails From db94fdf1fe647e70a1a3c7fff277babf4c762e20 Mon Sep 17 00:00:00 2001 From: mdtro <20070360+mdtro@users.noreply.github.com> Date: Wed, 17 Jul 2024 15:57:35 -0700 Subject: [PATCH 08/14] use var for app id --- .github/workflows/linting.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml index e6c712dde..a59fc29a1 100644 --- a/.github/workflows/linting.yml +++ b/.github/workflows/linting.yml @@ -47,7 +47,7 @@ jobs: if: ${{ steps.pre-commit_results.outcome == 'failure' }} uses: getsentry/action-github-app-token@v2.0.0 with: - app_id: ${{ secrets.SENTRY_INTERNAL_APP_ID }} + app_id: ${{ vars.SENTRY_INTERNAL_APP_ID }} private_key: ${{ secrets.SENTRY_INTERNAL_APP_PRIVATE_KEY }} - name: Apply any pre-commit fixed files From c671fbe6f47e8dfb1ed5cb8f6288bb402fa38773 Mon Sep 17 00:00:00 2001 From: mdtro <20070360+mdtro@users.noreply.github.com> Date: Wed, 17 Jul 2024 15:58:17 -0700 Subject: [PATCH 09/14] use v3 --- .github/workflows/linting.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml index a59fc29a1..1cd1565dc 100644 --- a/.github/workflows/linting.yml +++ b/.github/workflows/linting.yml @@ -45,7 +45,7 @@ jobs: - name: Get auth token id: token if: ${{ steps.pre-commit_results.outcome == 'failure' }} - uses: getsentry/action-github-app-token@v2.0.0 + uses: getsentry/action-github-app-token@v3.0.0 with: app_id: ${{ vars.SENTRY_INTERNAL_APP_ID }} private_key: ${{ secrets.SENTRY_INTERNAL_APP_PRIVATE_KEY }} From c81290725f60baf413a1a415bd0c0402ce159ae1 Mon Sep 17 00:00:00 2001 From: mdtro <20070360+mdtro@users.noreply.github.com> Date: Wed, 17 Jul 2024 15:59:59 -0700 Subject: [PATCH 10/14] woops --- .github/workflows/linting.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml index 1cd1565dc..97a10b70d 100644 --- a/.github/workflows/linting.yml +++ b/.github/workflows/linting.yml @@ -55,5 +55,5 @@ jobs: # note: this runs "always" or else it's skipped when pre-commit fails uses: getsentry/action-github-commit@31f6706ca1a7b9ad6d22c1b07bf3a92eabb05632 # v2.0.0 with: - github-token: ${{secrets.GITHUB_TOKEN}} + github-token: ${{steps.token.outputs.token}} message: ':hammer_and_wrench: apply pre-commit fixes' From 067c963aa43f23929a1a943ec83cba8708e9d11a Mon Sep 17 00:00:00 2001 From: mdtro <20070360+mdtro@users.noreply.github.com> Date: Wed, 17 Jul 2024 16:06:16 -0700 Subject: [PATCH 11/14] update version --- .github/workflows/linting.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml index 97a10b70d..8f9750090 100644 --- a/.github/workflows/linting.yml +++ b/.github/workflows/linting.yml @@ -53,7 +53,7 @@ jobs: - name: Apply any pre-commit fixed files if: ${{ steps.pre-commit_results.outcome == 'failure' }} # note: this runs "always" or else it's skipped when pre-commit fails - uses: getsentry/action-github-commit@31f6706ca1a7b9ad6d22c1b07bf3a92eabb05632 # v2.0.0 + uses: getsentry/action-github-commit@v2.1.0 with: - github-token: ${{steps.token.outputs.token}} + github-token: ${{ steps.token.outputs.token }} message: ':hammer_and_wrench: apply pre-commit fixes' From 54822e35ca8a114fc93a366a7ad7c20334dddb65 Mon Sep 17 00:00:00 2001 From: mdtro <20070360+mdtro@users.noreply.github.com> Date: Wed, 17 Jul 2024 16:09:03 -0700 Subject: [PATCH 12/14] define permissions --- .github/workflows/linting.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml index 8f9750090..10f00d4d5 100644 --- a/.github/workflows/linting.yml +++ b/.github/workflows/linting.yml @@ -10,6 +10,11 @@ concurrency: jobs: build: runs-on: ubuntu-latest + permissions: + pull-requests: read + contents: write + statuses: write + steps: - uses: actions/checkout@v3 - name: Get changed files From 6b8c0d6be2bf080acbc2d2a8eba802b609b3e5fb Mon Sep 17 00:00:00 2001 From: Jeffrey Hung <17494876+Jeffreyhung@users.noreply.github.com> Date: Wed, 17 Jul 2024 16:26:14 -0700 Subject: [PATCH 13/14] Revert "test isort" This reverts commit 1ff760896f19117e2093765db955e0bb30fc4059. --- src/seer/app.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/seer/app.py b/src/seer/app.py index 6a30517a3..58527ff45 100644 --- a/src/seer/app.py +++ b/src/seer/app.py @@ -1,5 +1,5 @@ -import time import logging +import time import sentry_sdk from flask import Flask, jsonify From 3b37b3a42ab9ab6908e8f24332c3c7fae58d81b7 Mon Sep 17 00:00:00 2001 From: Jeffrey Hung <17494876+Jeffreyhung@users.noreply.github.com> Date: Wed, 17 Jul 2024 16:31:01 -0700 Subject: [PATCH 14/14] remove extra whitespaces --- .github/workflows/linting.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml index 10f00d4d5..b88d675b9 100644 --- a/.github/workflows/linting.yml +++ b/.github/workflows/linting.yml @@ -34,7 +34,6 @@ jobs: cache-dependency-path: | requirements.txt install-cmd: pip install -r requirements-precommit.txt - - name: Setup pre-commit run: | pre-commit install @@ -49,14 +48,14 @@ jobs: - name: Get auth token id: token - if: ${{ steps.pre-commit_results.outcome == 'failure' }} + if: ${{ steps.pre-commit_results.outcome == 'failure' }} uses: getsentry/action-github-app-token@v3.0.0 with: app_id: ${{ vars.SENTRY_INTERNAL_APP_ID }} private_key: ${{ secrets.SENTRY_INTERNAL_APP_PRIVATE_KEY }} - name: Apply any pre-commit fixed files - if: ${{ steps.pre-commit_results.outcome == 'failure' }} + if: ${{ steps.pre-commit_results.outcome == 'failure' }} # note: this runs "always" or else it's skipped when pre-commit fails uses: getsentry/action-github-commit@v2.1.0 with: